CompTIA Security+ Study Guide
Domain 1: Threats, Attacks, and Vulnerabilities
Key Concepts
- Malware Types:
  - Viruses: Malicious code that attaches itself to a host file and replicates. It requires user action to spread.
  - Worms: Standalone malware that replicates itself to spread to other computers without needing a host file or human interaction.
  - Ransomware: Encrypts files on a victim's system and demands payment for the decryption key.
  - Spyware: Secretly collects information about a user without their knowledge.
  - Adware: Automatically displays or downloads advertising material when a user is online.
  - Trojans: Malware that disguises itself as legitimate software to trick users into installing it, often creating backdoors.
- Social Engineering:
  - Phishing: Fraudulent attempt to obtain sensitive information by pretending to be a trustworthy entity via email.
  - Spear Phishing: Targeted phishing attack aimed at a specific individual or organization.
  - Impersonation: Pretending to be someone else to gain unauthorized access to information.
  - Shoulder Surfing: Observing someone’s screen or keyboard to gain information.
- Attack Vectors:
  - Direct Access: Physical access to systems where an attacker can steal data or install malware.
  - Wireless: Attacks on wireless networks, such as cracking WEP/WPA keys.
  - Email: Includes phishing and spam emails that spread malware or extract information.
  - Supply Chain: Compromising a supplier to attack its customers.
- Threat Actors:
  - Script Kiddies: Inexperienced hackers using pre-written tools and scripts to launch attacks.
  - Hacktivists: Individuals or groups that use hacking to promote political ends.
  - Organized Crime: Criminal organizations engaging in cybercrime for financial gain.
  - Nation States: Government-sponsored groups conducting cyber-espionage or attacks.
  - Insiders: Employees or associates with access to internal systems who misuse their privileges.
Practice Questions
1. What type of malware encrypts files and demands a ransom?
2. Describe a phishing attack and how it can be identified.
3. Who are "script kiddies" and what are their typical attack modes?
---
Domain 2: Architecture and Design
Key Concepts
- Secure Network Design:
  - DMZs (Demilitarized Zones): A physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet.
  - VLANs (Virtual Local Area Networks): Used to segment network traffic for improved security and efficiency.
  - VPNs (Virtual Private Networks): Secure connections over the internet to provide privacy and encapsulation of data.